https://vulnerability.circl.lu/sightings/feed 2026-05-04T15:54:23.978865+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/de34d1a4-4a4e-414b-9f93-c1f0c34e1872/export 2026-05-04T15:54:24.252954+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "de34d1a4-4a4e-414b-9f93-c1f0c34e1872", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/thehackernews/4126", "content": "CISA adds high-severity flaw (CVE-2023-29552) in SLP to Known Exploited Vulnerabilities list. This flaw is being actively exploited to launch massive DoS amplification attacks. \n \nRead: https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html", "creation_timestamp": "2023-11-09T07:16:19.000000Z"} 2023-11-09T07:16:19+00:00 https://vulnerability.circl.lu/sighting/b0a969e3-7922-4ec9-b6f5-87332f47665f/export 2026-05-04T15:54:24.252834+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "b0a969e3-7922-4ec9-b6f5-87332f47665f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "Telegram/ITlnoIKxw8fWTwUOX0oLpzTnmNV1tK6JMvQUjg6Rza1JcQ", "content": "", "creation_timestamp": "2023-11-09T10:16:29.000000Z"} 2023-11-09T10:16:29+00:00 https://vulnerability.circl.lu/sighting/de3e7215-4fc9-498d-a457-4eb5bc2ed43d/export 2026-05-04T15:54:24.252716+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "de3e7215-4fc9-498d-a457-4eb5bc2ed43d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/ctinow/148464", "content": "https://ift.tt/mxWLcCh\nNetography Releases Detection for Actively Exploited DoS Amplification CVE-2023-29552", "creation_timestamp": "2023-11-09T21:37:02.000000Z"} 2023-11-09T21:37:02+00:00 https://vulnerability.circl.lu/sighting/9f61d6a0-0d6c-442e-b34b-67ea23f7f511/export 2026-05-04T15:54:24.252572+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "9f61d6a0-0d6c-442e-b34b-67ea23f7f511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://t.me/true_secator/5071", "content": "\u041a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 KEV \u043f\u043e\u043f\u043e\u043b\u043d\u0438\u043b\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b SLP \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-29552 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 7,5 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u0438\u043f\u0430 DoS, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a \u0441 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u0435\u043c, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 Bitsight\u00a0\u0438 Curesec.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 SLP \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 UDP-\u0442\u0440\u0430\u0444\u0438\u043a \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 DoS \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442\u043e\u043c \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Bitsight \u0438 Curesec, \u0443 SLP \u043a\u043e\u044d\u0444\u0444\u0438\u0446\u0438\u0435\u043d\u0442 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f DDoS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u00a02200, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440.\n\nDDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c SLP \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u043d\u0430 GitHub, \u043e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0447\u043d\u044b\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b.\n\n\u041d\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2023-11-10T12:27:23.000000Z"} 2023-11-10T12:27:23+00:00 https://vulnerability.circl.lu/sighting/4f5a40a5-2262-451f-af48-165165537b8d/export 2026-05-04T15:54:24.252442+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "4f5a40a5-2262-451f-af48-165165537b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://t.me/arpsyndicate/1111", "content": "#ExploitObserverAlert\n\nCVE-2023-29552\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-29552. The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nFIRST-EPSS: 0.043370000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T04:17:18.000000Z"} 2023-12-04T04:17:18+00:00 https://vulnerability.circl.lu/sighting/e88ddcc6-2962-4ea4-a12f-3f48208e11c1/export 2026-05-04T15:54:24.252306+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e88ddcc6-2962-4ea4-a12f-3f48208e11c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/5741", "content": "What is SLP protocol?\n\nService Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the Internet Engineering Task Force (IETF) and defined in RFC 2608, SLP eliminates the need for users or administrators to manually configure clients with the addresses of available network services. Instead, it allows devices and applications to automatically find and connect to services in their local area networks (LANs). Since the SLP protocol doesn\u2019t require authentication, anyone can register new services, which is why it wasn\u2019t intended to be publicly available over the Internet.\n\nHow Does SLP Work?\n\nSLP operates based on a request-response model that involves three primary components: User Agents (UAs), Service Agents (SAs), and Directory Agents (DAs).\n\nUser Agents (UAs): UAs are clients seeking network services. They send out service requests to discover the available services in the network.\n\nService Agents (SAs): SAs represent the network services themselves. They advertise the services they offer and respond to service requests from UAs.\n\nDirectory Agents (DAs): DAs act as a centralized repository for service information. They cache the advertisements from SAs, and UAs can query them to find the desired services more efficiently. Although DAs are optional, their presence improves the overall performance of the SLP system.\n\nUnderstanding How CVE-2023-29552 Works\n\nThe attack technique allows an unauthenticated, remote attacker to register arbitrary services. This would enable the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.\n\nhttps://t.me/GrayHatsHack\n\n#cybersec #infosec #hacking #hack #cybersecurity #hackers #grayhats", "creation_timestamp": "2024-05-29T23:44:40.000000Z"} 2024-05-29T23:44:40+00:00 https://vulnerability.circl.lu/sighting/d1ab2006-b306-4cbf-99fc-5ee05583b662/export 2026-05-04T15:54:24.252190+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "d1ab2006-b306-4cbf-99fc-5ee05583b662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971913", "content": "", "creation_timestamp": "2024-12-24T20:35:34.222138Z"} 2024-12-24T20:35:34.222138+00:00 https://vulnerability.circl.lu/sighting/edf9b29a-0474-4d96-8680-0a6aab7c8c5d/export 2026-05-04T15:54:24.252034+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "edf9b29a-0474-4d96-8680-0a6aab7c8c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3311", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2023-04-25T16:15:09.537\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n2. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n3. https://datatracker.ietf.org/doc/html/rfc2608\n4. https://github.com/curesec/slpload\n5. https://security.netapp.com/advisory/ntap-20230426-0001/\n6. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n7. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n8. https://www.suse.com/support/kb/doc/?id=000021051\n9. https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html\n10. https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html\n11. https://datatracker.ietf.org/doc/html/rfc2608\n12. https://github.com/curesec/slpload\n13. https://security.netapp.com/advisory/ntap-20230426-0001/\n14. https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp\n15. https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks\n16. https://www.suse.com/support/kb/doc/?id=000021051", "creation_timestamp": "2025-01-28T23:18:07.000000Z"} 2025-01-28T23:18:07+00:00 https://vulnerability.circl.lu/sighting/64584799-8df4-4e63-b766-12b86f4eec1d/export 2026-05-04T15:54:24.250980+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "64584799-8df4-4e63-b766-12b86f4eec1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29552", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"} 2025-02-23T02:10:48+00:00 https://vulnerability.circl.lu/sighting/ad7d6098-1258-4348-ba23-f3c1065be666/export 2026-05-04T15:54:24.249268+00:00 Cédric Bonhomme http://vulnerability.circl.lu/user/cedric {"uuid": "ad7d6098-1258-4348-ba23-f3c1065be666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-29552", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a7b2e9e6-d290-41b3-af34-4085e8dafa7d", "content": "", "creation_timestamp": "2026-02-02T12:26:47.433070Z"} 2026-02-02T12:26:47.433070+00:00